ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Start a New Post

NetApp PowerShell Toolkit NFS Reporting

Wir_hier_in_LE
‎2020-02-06 01:45 AM
2,964 Views

Hi,

 

using the NetApp PowerShell Toolkit  (Versions 3.1 and 9.7) I want to get a report about all the NFS exports.

So I used the cmdlet Get-NcNfsExport. But, the result lists write access at the root too. There is no write access, only read. Is this a bug of the cmdlet. Does anybody use this cmdlet too?

 

Regards,

Holger

0 Kudos
7 REPLIES 7

JGPSHNTAP
‎2020-02-06 05:19 AM
2,941 Views

You need to start off updating your cmdlets, there is a much later version out.

 

Once that is done, please paste the command you are running

0 Kudos

Wir_hier_in_LE
‎2020-02-06 05:27 AM
In response to JGPSHNTAP
2,938 Views

Thank you for answering.

I do not agrree. This version is from 11/2019 (9.7). Where do you find a newer one?

 

0 Kudos

JGPSHNTAP
‎2020-02-06 06:13 AM
In response to Wir_hier_in_LE
2,932 Views

I'm confused, are you saying ontap 9 9.7 and powershell toolkit 3.1 or powershell toolkit 9.7

 

Either way, paste your command

0 Kudos

Wir_hier_in_LE
‎2020-02-06 06:29 AM
In response to JGPSHNTAP
2,927 Views

Sorry, here the version information:

ONTAP 9.3P1

PSTK 9.6 (Installfile was named NetApp_PowerShell_Toolkit_9.7.0.msi, OntapiPS.dll 14.11.2019, Product Version 9.7.0.0)

 

the command I used is

Get-NcNfsExport -VserverContext svm_xxxxx_nfs | select -ExpandProperty securityrules

 

First output is this (edited):

Pathname SecurityRules
-------- -------------
/ {False, False, False, False...}

Anon : 65534
NcController : clustername
Nosuid : False
ReadOnly : {several IP addresses and networks...}
ReadWrite : {several IP addresses and networks...}
Root : {several IP addresses and networks...}
SecFlavor : {sys}
NosuidSpecified : True

 

Wrong are the entrys at ReadWrite and Root. They have to be empty.

0 Kudos

donny_lang
NetApp A-Team
‎2020-02-06 06:28 AM
2,928 Views

Can you share the output of the following commands? 

 

From the ONTAP CLI - "export-policy rule show -vserver <your SVM> -policyname default

From PowerShell - "(Get-NcNfsExport -VserverContext <your SVM> -Path /).SecurityRules"

 

We should be able to figure out from there what's going on - thanks!   

0 Kudos

Wir_hier_in_LE
‎2020-02-06 06:34 AM
In response to donny_lang
2,925 Views

here is the CLI output (RW Access Rule: never):

2020-02-06 15_31_59-Window.jpg

0 Kudos

donny_lang
NetApp A-Team
‎2020-02-06 07:27 AM
In response to Wir_hier_in_LE
2,915 Views

Your "Superuser Security Types" for that rule index is set to "Any", so the "Root" output is correct based on how that portion of the rule is set up currently. However, it does look like the output is incorrect when the rwrule setting is set to "never" for some reason. In my lab, when I duplicated your policy but set the rwrule to "none", it returned a null value for the "ReadWrite" property. 

 

I tested it in the actual ZAPI call too and it is incorrect there as well. Looks like a bug of some sort. 

All Community Forums
Public